<?php
/*! @file
    
    @id $Id$

    @see @ref apilogin

    @page api

    @section apilogin Login

    API-call login.php

    Check if a user is consistent to the data in the server's database
    or create a user, if he does not yet exist in the @ref usertable
    (and the user name is available).

    @param user user's name
    @param pubkey user's public key

    @return json encoded status with text:
       - success() in case of success (user exists or has been created)
       - error() in case of mismatch
*/
//       1         2         3         4         5         6         7         8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890
try {
  require_once("usertable.php");
  $user = $db->real_escape_string($_REQUEST['user']);
  $pubkey = $db->real_escape_string($_REQUEST['pubkey']);
  if ($user=="safechat") error("username safechat is reserved for server");
  $verify = gnupg_import($pgp, $_REQUEST['pubkey']);
  if (!$verify) error("wrong identity");
  $q = $db->query("select * from user where name='$user' and pubkey='$pubkey';");
  if ($q->num_rows==1) {
    success("user $user found on server");
  } elseif ($q->num_rows==0) {
    $q = $db->query("insert into user (name, pubkey) values ('$user', '$pubkey');");
    if (!$q) error("creation of user failed");
    success("user $user created on server");
  } else {
    error("server database defect");
  }
} catch (Exception $e) {
  error("login failed");
}
?>